Reports associated with the IAF Initiative

Reports exist on how the participants at the different layers within the IAF ISO 13485 certification initiative meet the particular requirements that are appropriate for them:

Accreditation body peer evaluation report

Under the IAF MLA, a peer evaluation report covers the accreditation body’s performance in meeting, among other things, the IAF Mandatory Document for the application of ISO/IEC 17011 - Conformity Assessment - General Requirements for Accreditation Bodies Accrediting Certification Bodies in the Medical Device Quality Management Systems (ISO 13485).

Assessment report on the certification body

Under the accreditation for ISO 13485 by IAF accreditation body members, the accreditation body provides an accreditation assessment report of a certification body’s performance in meeting, among other things, the IAF Mandatory Document for the application of ISO/IEC 17021- Conformity Assessment - Requirements for Bodies Providing Audit and Certification of Management Systems in the Medical Device Quality Management Systems (ISO 13485).

Medical device manufacturer’s audit report

This is the audit report prepared by the certification body that indicates the medical device manufacturer’s performance in meeting, among other things, the requirements of the quality management system standard ISO 13485.

Regulatory authorities that have specified the use of the IAF accredited ISO 13485 certification initiative in their legislation may be provided access to the accreditation body, certification body and the participating medical device manufacturer’s reports and facilities.

Using Accredited ISO 13485 Certification in Practice

Requirements for IAF accredited certification are designed to enforce one credible and transparent ISO 13485 audit to meet the needs of regulatory authorities. In order for this to occur, ISO 13485 certificates should be identified in the national medical device regulation through appropriate national legislative processes.

By recognizing IAF accredited ISO 13485 certificates in the national legislation, countries gain access to the audit reports in addition to being able to inspect any participating accreditation body, certification body or medical device manufacturer. Although there are many ways in which ISO 13485 accredited certificates may be included into a new medical device regulation, the most likely approach would be to specify it as a requirement for registering medium\risk or higher risk medical devices with the Regulatory Authority. An example of how a national medical device regulation could reference IAF accredited ISO 13485 certificates is provided below.

The use of the IAF accredited ISO 13485 certification program can make a significant contribution towards developing a harmonized medical device regulation. It does not, however, describe or mention Medical Device Reporting (MDR), how to classify the risk level of a medical device or how they should be labelled. IAF accredited ISO 13485 certificates are expected to be part of the medical device regulation that pertains to product registration and quality management system requirements. The GHTF provides free, detailed guidance at www.ghtf.org for developing a more complete and harmonized medical device regulation.

[Regulation Number]Medical Device Registration

An application for registering a class 2 or higher medical device shall be submitted to the [Name of Regulatory Authority] by the manufacturer and shall contain the following:

a) A copy of a current and valid IAF accredited ISO 13485 quality management system certificate certifying that the quality management system under which the device is manufactured satisfiesISO 13485 Medical devices - Quality management systems - Requirements for regulatory purposes.

b) ...other requirement(s)

Considering exemptions for ISO 13485 certification

In 2011, there are an estimated 5,000 different medical device categories that account for 90,000 different products used by healthcare systems worldwide. More than 50% of these medical devices are considered low risk. Many low risk medical devices are safer than less regulated consumer products.

Although it is expected that accredited certificates for ISO 13485 will become available within the first year of its adoption by IAF, regulators need to provide manufacturers with an opportunity to learn and adapt to any new regulation. Enforcing IAF accredited certification before industry has had time to prepare could have an adverse impact on the healthcare system if it is enforced too soon. Each country that adopts the IAF accredited certification to ISO 13485 into its regulations should make the new regulation as widely known as possible to provide medical device manufacturers time to prepare. It is recommended that a transition period of three years be provided to allow all stakeholders time to adjust to the IAF accreditation requirements.

Communication between Stakeholders

In order for this IAF accredited ISO 13485 Certification Initiative to contribute to an efficient regulatory system, it is vital for effective communication channels to exist between regulators, accreditation bodies and conformity assessment bodies. Communication is a key element of this initiative and is intended to support mutual confidence building. It is recommended that regulators establish a communication framework between them and their local accreditation body that is visible to the conformity assessment bodies and medical device manufacturers.